FSLogic Protect 1.0 supports multiple personalities.
So you just left the local copy shop after printing out a revised sales presentation when you suddenly realize the confidential file is still on their computer system. Is it time to panic? Not if the shop is using FSLogic Protect.
FSLogic Protect 1.0 (recently acquired by Altiris) is designed to safeguard multiple-user access and public use computers, such as those found in copy shops, Internet cafes and libraries. It’s also perfect for PCs shared by traveling salespeople, consultants, or corporate visitors. Instead of locking down these computers, Protect allows users to control their own experience and configuration. Each user can change their own preferences or settings, and save or delete files without placing other users’ information or settings at risk.
Protect works by storing all changes made during a session in its own “File System Layer.” This layer keeps track of all Registry, file and configuration changes so they can be saved, archived or deleted upon the end of a session. Once the user logs off, the PC is restored to its original setting without rebooting.
Protect also offers discrete control over multiple user sessions. The software can be configured to either protect or not protect a user’s session. If not protected, all changes made in that session are applied to the original installation. This way, administrators can apply security patches and make configuration changes. If the session’s protected, the administrator has the option of archiving the user’s session, leaving the session on the computer or removing it. If the session is removed, all changes associated with it are also removed.
One really nice feature of Protect is the ability to migrate a user’s session from one computer to another—this way the star traveling salesperson can have the same experience, no matter which PC he or she takes over. And profiles can be stored on a network location so the users will get their same desktop experience when moving across PCs.
Protect only works with Windows 2000 and newer operating systems using NTFS formatted disks. System requirements are equivalent to the OSs for memory and processor; however, file
storage requirements need to be taken into consideration. The more sessions left on the computer, the greater the amount of disk space needed.
The test bed on which I tried out Protect consisted of a 512MB 2.8MHz machine running Windows 2000 Professional, Win2K Server, XP Professional and Windows 2003.
Installation and configuration is straightforward, although it does require a reboot. The first step is to configure the administrator, which defaults to the local administrator. Users are grouped by the PC’s local groups. In an Active Directory environment, you can protect users by adding global groups to the local groups.
After configuring the administrative user and defining a test folder
to exclude, it was time to configure the users. For each user, the administrator
must define whether to protect the user or not. If the user’s protected,
the administrator must also define whether the changes will be archived
to a network location, stored locally or discarded upon session termination.
|The Configure console in FSLogic makes
it easy to choose whether or not to protect a user, and what to do
with an unprotected session.
Testing results were exactly as advertised. In controlled tests, a series of configuration changes were made under various user profiles. These changes included software installations, Registry changes, saving files and other configuration changes. Snapshots of the Registry and file system were taken before and after the installations to verify the results. In all cases, Protect performed as instructed. Protected sessions were deleted, archived or saved based upon the configuration. Non-protected sessions were applied directly to the underlying OS. Additionally, Protect successfully imported a session from another system and applied the changes seamlessly.
Protect is worth a look in public-use computing areas such as mall kiosks and schools using Win2K and newer OSs. In corporate environments, the software would offer benefits to call centers, lab environments and other areas that house open-access PCs.
Matthew A. Kinsey, MCSE, MCSE+I, CCNA, holds a Master's Degree in computer information systems; he's a senior-level engineer for a major retailer.